Skip to content
Last update: 2022-03-11

Add a group

  1. Go to Authentication > Groups and click Add.
  2. Enter a name.
  3. Select a type.

    Option Description
    Normal Require users to log on using a device with a client component.
    Clientless Do not require users to log on using a client. Access control is performed through the IP address.
  4. Select policies.


    Policies specified at the user level take precedence over those specified at the group level.

    Option Description
    Surfing quota Access based on a defined period and type. This policy can include a cycle type, hours, validity, and maximum hours.
    Access time Access or denial based on a defined recurring period.
    Network traffic Access based on bandwidth usage.
    Traffic shaping Access based on QoS traffic shaping policy. This policy can include a policy association, priority, and specific limits for uploading and downloading.
    Remote access Access to be applied to remote users through VPN. This relates to SSL VPN connections through the Sophos Connect client and the legacy SSL VPN client.
    Clientless Access to be granted to users using only a browser as a client. This policy can include bookmarks or resources that clientless users are allowed to access.
  5. Specify the settings.


    User policies take precedence over policies of the group to which the user belongs.

    Option Description
    Quarantine digest Sends a list of emails held in the quarantine area to the user's inbox as a digest.
    MAC binding Require users to log on through specified devices.
    L2TP Allow access through L2TP connections.
    PPTP Provide access through PPTP connections.
    IPsec remote access Provide remote access IPsec VPN connections through the Sophos Connect client.
    Login restriction Allow access from the specified nodes. You can specify no restriction (any node), named nodes, or a node range.
  6. Click Save.

More resources

Back to top